#!/bin/bash
#
# The 'run' performs a simple test that verifies that S2I image.
# The main focus here is to excersise the S2I scripts.
#
# IMAGE_NAME specifies a name of the candidate image used for testing.
# The image has to be available before this script is executed.
#
IMAGE_NAME=${IMAGE_NAME-centos/php-71-centos-candidate}

# TODO: Make command compatible for Mac users
test_dir="$(readlink -zf $(dirname "${BASH_SOURCE[0]}"))"
image_dir=$(readlink -zf ${test_dir}/..)

source "${test_dir}/test-lib.sh"

# TODO: This should be part of the image metadata
test_port=8080
test_port_ssl=8443

info() {
  echo -e "\n\e[1m[INFO] $@...\e[0m\n"
}

image_exists() {
  docker inspect $1 &>/dev/null
}

container_exists() {
  image_exists $(cat $cid_file)
}

container_ip() {
  docker inspect --format="{{ .NetworkSettings.IPAddress }}" $(cat $cid_file)
}

run_s2i_build() {
  ct_s2i_build_as_df file://${test_dir}/test-app ${IMAGE_NAME} ${IMAGE_NAME}-testapp ${s2i_args} $(ct_build_s2i_npm_variables)
}

prepare() {
  if ! image_exists ${IMAGE_NAME}; then
    echo "ERROR: The image ${IMAGE_NAME} must exist before this script is executed."
    exit 1
  fi
  # TODO: S2I build require the application is a valid 'GIT' repository, we
  # should remove this restriction in the future when a file:// is used.
  info "Build the test application image"
  pushd ${test_dir}/test-app >/dev/null
  git init
  git config user.email "build@localhost" && git config user.name "builder"
  git add -A && git commit -m "Sample commit"
  popd >/dev/null
}

run_test_application() {
  run_args=${CONTAINER_ARGS:-}
  docker run --user=100001 ${run_args} --cidfile=${cid_file} ${IMAGE_NAME}-testapp
}

cleanup_test_app() {
  info "Cleaning up the test application"
  if [ -f $cid_file ]; then
    if container_exists; then
      docker stop $(cat $cid_file)
      docker rm $(cat $cid_file)
    fi
    rm $cid_file
  fi
}

cleanup() {
  info "Cleaning up the test application image"
  if image_exists ${IMAGE_NAME}-testapp; then
    docker rmi -f ${IMAGE_NAME}-testapp
  fi
  rm -rf ${test_dir}/test-app/.git
}

check_result() {
  local result="$1"
  if [[ "$result" != "0" ]]; then
    info "TEST FAILED (${result})"
    cleanup
    exit $result
  fi
}

wait_for_cid() {
  local max_attempts=10
  local sleep_time=1
  local attempt=1
  local result=1
  info "Waiting for application container to start"
  while [ $attempt -le $max_attempts ]; do
    [ -f $cid_file ] && [ -s $cid_file ] && break
    attempt=$(( $attempt + 1 ))
    sleep $sleep_time
  done
}

test_s2i_usage() {
  info "Testing 's2i usage'"
  ct_s2i_usage ${IMAGE_NAME} ${s2i_args} &>/dev/null
}

test_docker_run_usage() {
  info "Testing 'docker run' usage"
  docker run ${IMAGE_NAME} &>/dev/null
}

test_scl_usage() {
  local run_cmd="$1"
  local expected="$2"

  info "Testing the image SCL enable"
  out=$(docker run --rm ${IMAGE_NAME} /bin/bash -c "${run_cmd}")
  if ! echo "${out}" | grep -q "${expected}"; then
    echo "ERROR[/bin/bash -c "${run_cmd}"] Expected '${expected}', got '${out}'"
    return 1
  fi
  out=$(docker exec $(cat ${cid_file}) /bin/bash -c "${run_cmd}" 2>&1)
  if ! echo "${out}" | grep -q "${expected}"; then
    echo "ERROR[exec /bin/bash -c "${run_cmd}"] Expected '${expected}', got '${out}'"
    return 1
  fi
  out=$(docker exec $(cat ${cid_file}) /bin/sh -ic "${run_cmd}" 2>&1)
  if ! echo "${out}" | grep -q "${expected}"; then
    echo "ERROR[exec /bin/sh -ic "${run_cmd}"] Expected '${expected}', got '${out}'"
    return 1
  fi
}

test_session() {
  local check_port=$1 ; shift
  local check_protocol=${1:-http}
  cat $cid_file
  info "Testing PHP session"
  response=$(curl -s -k ${check_protocol}://$(container_ip):${check_port}/session_test.php)
  if [ "${response}" != "Passed" ]; then
    echo "ERROR starting PHP session. Test app returned: '${response}'"
    return 1
  fi
}

test_connection() {
  local check_port=$1 ; shift
  local check_protocol=${1:-http}
  cat $cid_file
  info "Testing the HTTP connection (${check_protocol}://$(container_ip):${check_port})"
  local max_attempts=10
  local sleep_time=1
  local attempt=1
  local result=1
  while [ $attempt -le $max_attempts ]; do
    response_code=$(curl -s -w %{http_code} -o /dev/null -k ${check_protocol}://$(container_ip):${check_port}/)
    status=$?
    if [ $status -eq 0 ]; then
      if [ $response_code -eq 200 ]; then
        result=0
        break
      fi
    fi
    attempt=$(( $attempt + 1 ))
    sleep $sleep_time
  done
  return $result
}

test_application() {
  # Verify that the HTTP connection can be established to test application container
  run_test_application &

  # Wait for the container to write it's CID file
  wait_for_cid

  test_scl_usage "php --version" "7.1"
  check_result $?

  test_session ${test_port}
  check_result $?

  test_connection ${test_port}
  check_result $?
  test_connection ${test_port_ssl} https
  check_result $?
  cleanup_test_app
}

test_ssl() {
  local cert_dir=/tmp
  local cert_base=mycert
  ct_gen_self_signed_cert_pem ${cert_dir} ${cert_base}
  local private_key=${cert_dir}/${cert_base}-cert-selfsigned.pem
  local cert_file=${cert_dir}/${cert_base}-key.pem

}

test_ssl_own_cert() {
  ct_s2i_build_as_df file://${test_dir}/self-signed-ssl ${IMAGE_NAME} ${IMAGE_NAME}-test-self-signed-ssl ${s2i_args} $(ct_build_s2i_npm_variables)
  docker run -d --user=100001 ${run_args} --cidfile=${cid_file} ${IMAGE_NAME}-test-self-signed-ssl
  test_connection ${test_port_ssl} https
  check_result $?
  echo | openssl s_client -showcerts -servername $(container_ip) -connect $(container_ip):${test_port_ssl} 2>/dev/null | openssl x509 -inform pem -noout -text >./servercert
  openssl x509 -in ${test_dir}/self-signed-ssl/httpd-ssl/certs/server-cert-selfsigned.pem -inform pem -noout -text >./configcert
  diff ./configcert ./servercert >cert.diff
}

cid_file=$(mktemp -u --suffix=.cid)

# Since we built the candidate image locally, we don't want S2I attempt to pull
# it from Docker hub
s2i_args="--pull-policy=never"

prepare
run_s2i_build
check_result $?

# Verify the 'usage' script is working properly when running the base image with 's2i usage ...'
test_s2i_usage
check_result $?

# Verify the 'usage' script is working properly when running the base image with 'docker run ...'
test_docker_run_usage
check_result $?

# Test application with default uid
test_application

# Test application with random uid
CONTAINER_ARGS="--user 12345" test_application

echo "Testing npm availibility"
ct_npm_works
check_result $?

cleanup

test_ssl_own_cert
check_result $?
cleanup

info "All tests finished successfully."
